ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix-check11' of https://github.com/bridgecrewio/prowler into bridgecrewio-fix-check11

Browse Source
This commit is contained in:
Toni de la Fuente
2020-02-12 23:13:49 +01:00
parent b9a4f2c4e8 447657140d
commit 35fc8cd0bf
1 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
checks/check11
View File

@@ -16,6 +16,20 @@ CHECK_ALTERNATE_check101="check11"
check11(){
# "Avoid the use of the root account (Scored)."
COMMAND11=$(cat $TEMP_REPORT_FILE| grep '<root_account>' | cut -d, -f5,11,16 | sed 's/,/\ /g')
textInfo "Root account last accessed (password key_1 key_2): $COMMAND11"
MAX_DAYS=-1
last_login_date=$(cat $TEMP_REPORT_FILE|awk -F, '{ print $1,$5 }' |grep '<root_account>' | awk '{ print $2 }')
arn=$(cat $TEMP_REPORT_FILE|awk -F, '{ print $1,$2 }' |grep '<root_account>' | awk '{ print $2 }')
#check if last_login_date date is a valid date, if not, its a pass.
if [[ ${last_login_date%T*} =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2}$ ]];then
days_not_in_use=$(how_many_days_from_today ${last_login_date%T*})
if [ "$days_not_in_use" -gt "$MAX_DAYS" ];then
textFail "Root Account $arn last accessed was less then ${MAX_DAYS#-} day ago"
else
textPass "Root Account $arn last accessed was more then ${MAX_DAYS#-} day ago"
fi
else
textPass "Root Account $arn last accessed was more then ${MAX_DAYS#-} day ago"
fi
}